I have a really weird problem with a DA UAG setup... The setup is pretty straightforward. One UAG server only running the DA with NAP (NAP is used for an OTP solution from Pointsharp) and on the inside the regular servers with a 2008R2 DC, two CA servers (one root and one sub for NAP), some RDS servers and some file servers. The RDS servers are configured as a farm (farm01) and publish remote apps to an RDS-Web and as start menu icons for the users (no publishing through the UAG itself). The problem starts when a user clicks on the published application (e.g. Excel), either through the RDSWeb or the start menu icons, and gets an error message that the remote server isn't available. That in itself isn't that weird (could simply be a connectivity problem or whatever), however the following facts make it stand out:

* Everything always works fine if you're logged in as the built-in domain administrator, however it doesn't always work for a test user even if that user is added to the domain admin group and is located in the same OU as the built-in administrator.

* If you restart the UAG server everything works fine (even for the test user) for a period of time (a couple of hours) but the problem reoccurs after a while.

* Even though the published application doesn't start you can connect to farm01 through a regular RDP-client-session. You can also browse, ping and do regular SMB operations with all the servers on the network... in short everything but the published applications seems to work fine.

Some facts that might or might not be relevant:

* No errors or warnings in the event log on the client that I can find...

* The login time for the test user is considerably higher than for the domain administrator... Approx. 30-40 seconds for the user and 5-10 for the domain admin...

Any help or tips on where to start troubleshooting is highly appreciated.

* Turns out I "only" have to restart the tmgfirewall service (not the whole server) to get everything to work for a while...

* The problem seems to occur when the first intranet tunnel has timed out (when the client has been disconnected/turned off long enough) and a second connection is made... I restarted the UAG and tried to log on with the test user and everything worked fine. Turned off the client computer and waited until the tunnels were gone from the UAG Web Monitor. Turned the PC back on and logged in with the test user... The published RDP apps don't work anymore...

* Logged in to Windows (and DA/UAG) as the test user, launched the remote app with test user credentials - didn't work... still logged in as test user, launched the remote app with the built-in domain admin account's credentials - works like a charm...